Jenkins in an awesome integration server, that can be used for free. However, having it on a non-standard www port, without a SSL, might be a problem. Accessing it from a public network might create a security threat. If you’ve got a Apache in front of your server, you can easily provide a secured proxy to Jenkins.

To do so, you need to create a VirtualHost for Apache, which will contain both: Proxy and SSL. Also it would be wise, to redirect standard HTTP requests.

If the visiting browser is still accessing the Jenkins page via http(80), (which is just then being directed internally to 443, and THAT traffic encrypted internally) then the external access could still be insecure.

The user needs to access the Jenkins site externally via https:// (which will use 443 directly), accepting the signed or unsigned certificate for their browser to encrypt all traffic coming and going from/to your server.

TwoReplies

Looks like you’re only securing the internal localhost loopback virtualhost, rather than the traffic externally.